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CLAIMS 

1. An asymmetrical key cryptography method involving a 
keyholder having a number m>\ of private keys Q x ,Q 2 ,->Q m 
and respective public keys G 15 G 2 ,...,G m , each pair of keys 

5 (0,G>) (where / = l v .,m) satisfying either the relationship 
G^Q-modn or the relationship G i x Q. v = 1 mod n , where n is 
a public integer equal to the product of / (where f>\) 
private prime factors p x ,^p f , at least two of which are 
separate, and the exponent v is a public integer equal to 
10 a power of 2, which method is characterized in that 
v = 2 b+k , 

where & is a strictly positive integer and b = max(Z? 1 ,... ? fe / ) , 
where b } (where 7 = 1,...,/) is the highest integer such that 

(Pj-V)l2 bj ~ x is even, 
15 and each public key G, (where i = l,...,m) is of the form 

G i = g, 2 ' mod n , 

where the base numbers g i are integers strictly greater 
than 1 and the numbers a i are integers such that l<a,<6 
and at least one of them is strictly greater than 1. 

20 

2. A method according to claim 1, characterized in that 
at least one of said prime factors p x ^p f is congruent to 
1 modulo 4 and the integers a { (where / = l,...,m) are all 
equal to said number b . 

25 

3. A method according to claim 1 or claim 2, 
characterized in that said base numbers g l9 ... 9 g m include at 
least one number g,and said prime factors p l9 ...,p f include 
at least two numbers p t and p u other than 2 such that, 

30 given said numbers b X9 ...,b f , 

- if b t =b u , then (g s | p t ) = -(g s \ P u ) , and 
• if b t <b u , then (g s | pj = -l , 
where (g s \ p t ) and (g s | p u ) denote the Legendre symbols of g s 
relative to p t and p u . 
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4. A method according to any one of the preceding claims, 
characterized in that the base numbers g P ...,g m are prime 

numbers . 

5 5. A method according to any one of claims 1 to 4 # 

involving a controller and said keyholder, here called 
the claimant, characterized in that it comprises the 
following steps: 

• the claimant chooses at random an integer r , 

10 calculates the witness R = r v modn and sends the witness to 

the controller, 

• the controller chooses at random m challenges 
d X9 d 29 ... 9 d m where i = l,...,m and sends the challenges to the 

claimant , 

15 • the claimant calculates the response 

D = rx Q x dl x Q 2 d2 x ...*Q m dm mod n , 
and sends the response to the controller, and 

• the controller calculates 
D v x G, Ml x G 2 £2dl x ...xG; A mod n 

2 0 where, for i = l,...,m f =+1 if G> x Q. v = 1 mod n and e g =-l if 

G, = Q- mod n , 

and verifies that the result is equal to the witness R . 

6. A method according to any one of claims 1 to 4, 
25 enabling a controller to verify that a message M that it 
has received was sent to it by said keyholder, here 
called the claimant, characterized in that it comprises 
the following steps: 

• the claimant chooses at random an integer r and 
30 first calculates the witness R = r v modn f then calculates 

the token T = h(M,R) , where h is a hashing function, and 
finally sends the token T to the controller, 

• the controller chooses at random m challenges 
d X9 d 29 ... 9 d m where i=l,...,m, and sends the challenges to the 

3 5 claimant, 

• the claimant calculates the response 
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D = rxQ dx xQ 2 2 x...xQ m dm modn and sends the response to the 

controller, and 

• the controller calculates 

h{h4,D v xG* xdx xG 2 ldl x...xG; A modw) where, for i=l,...,m, =+1 
5 if G,xe. v =lmodn and *,=-l if G, = 0 v modn # and verifies 
that the result is equal to the token T . 

7. A method according to claim 5 or claim 6, 
characterized in that the challenges satisfy the 

10 condition 0<d s <2 k -l for i' = l t ...,m - 

8. A method according to any one of claims 1 to 4, 
enabling said keyholder, here called the signatory, to 
sign a message M that it sends to a controller, 

15 characterized in that it comprises the following steps: 

• the signatory chooses at random m integers r t , 

where i = l,...,m, and first calculates the witnesses 
R = r v modn, then calculates the token T = h(M 9 R ly R 2 ,...,R m ) , 
where h is a hashing function producing a word of m 
20 bits, and finally sends the token T to the controller, 

• the signatory identifies the bits d x ,d 2 ,...,d m of the 

token T , 

• the signatory calculates the responses 

£>. = r x x Q di mod n and sends the responses to the controller, 

2 5 and 

• the controller calculates 

h{M,D x v x G* ldl mod rc, D 2 x G 2 ldl mod n^Dj x G m e " dm mod n) 

where , for i = l,...,m , e i = +1 if G, x Q f v = 1 mod n and s t = -1 if 

G i =Q. v modn, and verifies that the result is equal to the 

3 0 token T . 

9. An electronic circuit including a processor and 
memories, characterized in that it can be programmed to 
act as said keyholder in executing a method according to 

3 5 any one of claims 1 to 8 . 
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10. A dedicated electronic circuit, characterized in that 
it includes microcomponents enabling it to process data 
in such manner as to act as said keyholder in executing a 
method according to any one of claims 1 to 8 . 

5 

11. A portable object adapted to be connected to a 
terminal to exchange data with that terminal, 
characterized in that it includes an electronic circuit 
according to claim 9 or claim 10 and is adapted to store 

10 identification data and private keys specific to said key 
holder . 

12 . A terminal adapted to be connected to a portable 
object to exchange data with that portable object, 

15 characterized in that it includes a data processing 

device programmed to act as said controller in executing 
a method according to any one of claims 1 to 8 . 

13. A cryptography system comprising a portable object 

2 0 according to claim 11 and a terminal according to claim 

12 . 

14. Non-removable data storage means containing 
electronic data processing program code instructions for, 

25 as said keyholder, executing the steps of any of the 

methods of a method according to any one of claims 1 to 
8. 

15. Partially or totally removable storage means 

3 0 containing electronic data processing program code 

instructions for, as said keyholder, executing the steps 
of a method according to any one of claims 1 to 8 . 

16. A data processing device comprising storage means 
35 according to claim 14 or claim 15. 
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17. Non- removable data storage means containing 
electronic data processing program code instructions for, 
as said controller, executing the steps of any of the 
methods of a method according to any one of claims 1 to 

5 8 . 

18. Partially or totally removable data storage means 
containing electronic data processing program code 
instructions for, as said controller, executing the steps 

10 of a method according to any one of claims 1 to 8 . 

19. A data processing device, characterized in that it 
comprises storage means according to claim 17 or claim 
18. 

15 

20. A cryptography system comprising a data processing 
device according to claim 16 and a data processing device 
according to claim 19. 

20 21. A computer program containing instructions such that, 
when said program controls a programmable data processing 
device, said instructions cause said data processing 
device to execute a method according to any one of claims 
1 to 8. 



